From 4a5919dc3a2f60db6b6143cf5dfc18d1069c6c21 Mon Sep 17 00:00:00 2001
From: Clara <2524209+ClaraLeigh@users.noreply.github.com>
Date: Mon, 1 Nov 2021 14:49:27 +1000
Subject: [PATCH] Bugfix incorrect api_key in SessionToken function

Fixes an issue where the verifyValidity() function checks the api token against the global api_key instead of any shop specific token.
Also fixes an infinite loop error that was occurring for myself, possibly related to: https://github.com/osiset/laravel-shopify/issues/962
---
 src/Objects/Values/SessionToken.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/Objects/Values/SessionToken.php b/src/Objects/Values/SessionToken.php
index dbc6b6d4..58775dfd 100644
--- a/src/Objects/Values/SessionToken.php
+++ b/src/Objects/Values/SessionToken.php
@@ -251,7 +251,7 @@ protected function verifySignature(): void
     protected function verifyValidity(): void
     {
         Assert::that($this->iss)->contains($this->dest, self::EXCEPTION_INVALID);
-        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key'), self::EXCEPTION_INVALID);
+        Assert::that($this->aud)->eq(Util::getShopifyConfig('api_key', $this->getShopDomain()), self::EXCEPTION_INVALID);
     }
 
     /**